System and a method for asynchronous replication for storage area networks

ABSTRACT

A data backup and recovery system for use with at least one server interconnected with at least one storage device, including at least one data recovery device, at least one associated data recovery storage device, controlled by the data recovery device, and at least one data communication monitor. A method for data backup and recovery is also disclosed.

REFERENCE TO CO-PENDING APPLICATION

Applicant hereby claims priority of U.S. Provisional Patent ApplicationSer. No. U.S. Ser. No. 60/272,782, filed Mar. 5, 2001, entitled “ASYSTEM AND A METHOD FOR ASYNCHRONOUS REPLICATION FOR STORAGE AREANETWORKS”.

REFERENCE TO COMPUTER PROGRAM LISTING APPENDIX

A computer program listing appendix is submitted herewith on one compactdisc and one duplicate compact disc. The total number of compact discsincluding duplicates is two. The files on the compact discs are softwareobject code for carrying out the preferred embodiment of the invention.

Their names, dates of creation, directory locations, and sizes in bytesof the compact disc are:

42541.hex of Feb. 28, 2002 located in the root folder and of length124,437,726 bytes.

The files are referred to herein as Appendix 1. The material on thecompact discs is incorporated by reference herein.

FIELD OF THE INVENTION

The present invention relates to systems and methods for backup andrecovery of information used with geographically dispersed informationprocessing environments.

BACKGROUND OF THE INVENTION

The following U.S. Pat. Nos. are believed to represent the current stateof the art:

-   -   6,148,383; 5,734,818; 5,577,222 and 5,446,871.

SUMMARY OF THE INVENTION

The present invention seeks to provide improved systems and methods forbackup and recovery of data for geographically dispersed informationprocessing environments and storage area networks.

There is thus provided in accordance with a preferred embodiment of thepresent invention a data backup and recovery system for use with atleast one server interconnected with at least one storage device, thedata backup and recovery system including at least one data recoverydevice, at least one data recovery storage device associated with andcontrolled by the at least one data recovery device and at least onedata communication monitor for providing to the at least one datarecovery device at least control information bearing an order stampregarding data communications between corresponding ones of the at leastone server and the at least one storage device, the at least one datarecovery device being responsive to at least the control informationbearing an order stamp for storing data on the at least one datarecovery storage device in a manner which enables reconstruction of arepresentation of the data communications at a given earlier time butdoes not require that the data be sent to the at least one data recoverydevice in a given order or stored on the at least one data recoverystorage device in a given order.

There is also provided in accordance with a preferred embodiment of thepresent invention a data backup and recovery system for use with atleast one server interconnected with at least one storage device, thedata backup and recovery system including at least one data recoverydevice, at least one data recovery storage device associated with andcontrolled by the at least one data recovery device and datacommunication monitors for providing to the at least one data recoverydevice at least control information bearing an order stamp regardingdata communications between corresponding ones of the at least oneserver and the at least one storage device, the at least one datarecovery device being operative to receive the at least controlinformation and to store data on the at least one data recovery storagedevice in parallel and not requiring that the data be received by the atleast one data recovery device in a given order.

There is further provided in accordance with a preferred embodiment ofthe present invention a method for data backup and recovery for use withat least one server interconnected with at least one storage device,including providing at least one data recovery device, providing atleast one data recovery storage device associated with and controlled bythe at least one data recovery device and providing at least one datacommunication monitor operative to perform monitoring the datacommunication between the at least one server and the at least onestorage device, creating at least control information bearing an orderstamp regarding the data communications between corresponding ones ofthe at least one server and the at least one storage device and sendingthe monitored data communications and the control information to the atleast one data recovery device, the at least one data recovery deviceresponding to the at least control information in a manner which enablesreconstruction of a representation of the data communications at a givenearlier time but not requiring that the sending the monitored datacommunications and the control information to the at least one datarecovery device be in a given order or stored on the at least one datarecovery storage device in a given order.

There is yet further provided in accordance with a preferred embodimentof the present invention a method for data backup and recovery for usewith at least one server interconnected with at least one storagedevice, including providing at least one data recovery device, providingat least one data recovery storage device associated with and controlledby the at least one data recovery device, providing at least one datacommunication monitor operative to perform monitoring the datacommunication between the at least one server and the at least onestorage device, creating at least control information bearing an orderstamp regarding the data communications between corresponding ones ofthe at least one server and the at least one storage device and sendingthe monitored data communications and the control information to the atleast one data recovery device, receiving the at least controlinformation by the at least one data recovery device, and storing thedata on the at least one data recovery storage device in parallel andwithout requiring that the data be received by the at least one datarecovery device in a given order.

Preferably, the data communication monitors are located other than onlyat the at least one storage device.

In accordance with a preferred embodiment of the present invention, thedata communication monitors also provide at least part of the datacommunications to the at least one data recovery device.

Preferably, the at least one data recovery device is operative toreceive the at least control information and to store data on the atleast one data recovery storage device in parallel.

In accordance with a preferred embodiment of the present invention thedata communications comprise data updates.

In accordance with another preferred embodiment of the presentinvention, the reconstruction of a representation of the datacommunications at a given earlier time guarantees that if the orderstamp of a first update is smaller than the order stamp of a secondupdate, the second update is not stored on the at least one datarecovery storage device unless the first update is stored on the atleast one data recovery storage device.

Preferably, the data communication monitors are associated withindividual ones of the at least one server. Alternatively, the datacommunication monitors are associated with network elements of a storagearea network.

In accordance with a preferred embodiment of the present invention, atleast one of the control information and the data communications iscommunicated from the data communication monitors to the data recoverydevice via a network. Preferably, the network is a private network.Alternatively, the network is a public network. Alternatively, at leastone of the control information and the data communications iscommunicated from the data communication monitors to the data recoverydevice via a storage area network.

In accordance with another preferred embodiment of the presentinvention, the data communication monitors provide at least part of thedata communications to the at least one data recovery storage deviceother than via the at least one data recovery device.

In accordance with yet another preferred embodiment of the presentinvention, the data backup and recovery system also includes at leastone LOG storage device wherein the at least one LOG storage deviceincludes at least control information bearing a time mark regarding datacommunications between corresponding ones of the first plurality ofservers and the plurality of storage devices via the storage areanetwork. Preferably, the data communication monitors also store at leastpart of the data communications to the at least one LOG storage device.Additionally, the data communications stored to the at least one LOGstorage device include data updates sent by the first plurality ofservers to the second plurality of storage devices.

In accordance with still another preferred embodiment of the presentinvention, the data backup and recovery system has at least one storagedevice LOG such that if either the control information or the datacommunications, or both, are prematurely erased from the at least onedata recovery device due to a failure or other event, the at least onedata recovery device restores either the control information or the datacommunications, or both, from the at least one storage device LOG.Additionally, the at least one data recovery device resumes itsactivities with the restored data from the at least one storage deviceLOG.

Preferably, the at least one data recovery device retrieves the at leastpart of the data communications from the at least one storage device LOGfor the purpose of storing the data to at least one data recoverystorage device associated therewith in the time ordered manner.

In accordance with yet another preferred embodiment of the presentinvention, the at least part of the data communications is communicatedfrom the data communication monitors to the at least one storage deviceLOG via a network. Preferably, the network is a private network.Alternatively, the network is a public network. In accordance withanother preferred embodiment, the at least part of the datacommunications is communicated from the data communication monitors tothe at least one storage device LOG via the storage area network.

In accordance with yet another preferred embodiment, the at least onedata recovery device retrieves both the control information and the atleast part of the data communications from at least one storage deviceLOG for the purpose of storing the data to at least one data recoverystorage device associated therewith in the time ordered manner.

In accordance with yet another preferred embodiment of the presentinvention, both the control information and the at least part of thedata communications are communicated from the data communicationmonitors to the at least one storage device LOG via a network.Preferably, the network is a private network. Alternatively, the networkis a public network. In another preferred embodiment, both the controlinformation and the at least part of the data communications arecommunicated from the data communication monitors to the at least onestorage device LOG via the storage area network.

Preferably, the reconstruction includes sending the data communicationsfrom the at least one data recovery storage device to the at least onestorage device. Additionally, the reconstruction includes employing theat least one data backup and recovery system as at least one of the atleast one server and the at least one storage device.

In accordance with another preferred embodiment, the at least one serverand the at least one storage device are interconnected via a local areanetwork (LAN). Alternatively, the at least one server and the at leastone storage device are interconnected via a storage area network (SAN).

In accordance with still another preferred embodiment, the at least onestorage device is a network attached storage (NAS) device.

In accordance with another preferred embodiment, the at least one datacommunication monitor monitors data communications between the at leastone server and the at least one storage device over the LAN.Alternatively, the at least one data communication monitor monitors datacommunications between the at least one server and the at least onestorage device over the SAN.

Preferably, the at least one server includes the at least one datacommunication monitor. Alternatively, the at least one storage deviceincludes the at least one data communication monitor.

In accordance with another preferred embodiment, the SAN includes the atleast one data communication monitor.

BRIEF DESCRIPTION OF THE DRAWINGS AND APPENDIX

The present invention will be understood and appreciated more fully fromthe following detailed description, taken in conjunction with thedrawings in which:

FIG. 1 is a simplified illustration of a data backup and recovery systemconstructed and operative in accordance with a preferred embodiment ofthe present invention, operative in a geographically dispersedinformation processing environment;

FIGS. 2A, 2B, 2C, 2D, 2E, 2F and 2G are simplified illustrations ofalternative embodiments wherein an information processing sitecommunicates backup information in accordance with the presentinvention;

FIGS. 3A and 3B are simplified illustrations of flow of backup data in adata backup and recovery system and method constructed and operative inaccordance with preferred embodiments of the present invention;

FIGS. 4A and 4B, taken together, are a simplified illustration of theflow of backup data within a data backup and recovery system and methodconstructed and operative in accordance with the embodiment shown inFIG. 3A;

FIGS. 4C and 4D, taken together, are a simplified illustration of theflow of backup data within a data backup and recovery system and methodconstructed and operative in accordance with another embodiment of thepresent invention;

FIG. 5 is a simplified illustration of flow of backup data within a databackup and recovery system and method constructed and operative inaccordance with another embodiment of the present invention;

FIG. 6 is a simplified illustration of flow of recovery data within adata backup and recovery system and method constructed and operative inaccordance with a preferred embodiment of the present invention;

FIG. 7 is a simplified illustration of flow of recovery data within adata backup and recovery system and method constructed and operative inaccordance with a preferred embodiment of the present invention;

FIG. 8 is a simplified illustration of flow of backup information andassociated order stamps from a plurality of monitors operative inaccordance with a preferred embodiment of the present invention;

FIG. 9 is a simplified illustration of backup information flow and aseparate and associated flow of order stamps, from a plurality ofinformation processing sites operative in accordance with a preferredembodiment of the present invention; and

FIGS. 10A and 10B, taken together, form a simplified flow chart of atypical procedure for managing the temporary memory of a data backup andrecovery system constructed and operative in accordance with a preferredembodiment of the present invention.

APPENDIX LIST

Appendix 1 is a computer listing which forms a preferred softwareembodiment of the present invention.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

Reference is now made to FIG. 1, which is a simplified illustration of adata backup and recovery system constructed and operative in accordancewith a preferred embodiment of the present invention, operative in ageographically dispersed information processing environment 10. As seenin FIG. 1, the geographically dispersed information processingenvironment 10 comprises at least one information processing site 12 andat least one information backup and recovery site 14, typically locatedat separate geographic locations. The information processing site 12 andthe information backup and recovery site 14 are interconnected viainterconnection 16, preferably a wide area network (WAN), such as apublic services digital network (PSDN).

It is appreciated that the information processing site 12 and theinformation backup and recovery site 14 may be situated at a singlegeographic location or a multiplicity of geographically dispersedlocations. It is also appreciated that any suitable data communicationtechnology or combination of data communication technologies may be usedto interconnect the information processing site 12 with the informationbackup and recovery site 14 of the information processing environment10. For example, interconnection 16 may comprise wire line communicationfacilities as well as wireless communication facilities, including radiocommunication and satellite communication.

As further seen in FIG. 1, the information processing site 12 preferablycomprises at least one information processing device 20, at least oneinformation storage device 22, at least one monitoring server 24 and atleast one communication gateway 26. The information processing device20, the information storage device 22, the monitoring server 24 and thecommunication gateway 26 are preferably interconnected byinterconnection 28, such as a local area network (LAN). As describedhereinbelow with reference to FIGS. 2A–2G, interconnection 28 mayinclude one or more interconnections connected to devices in addition toinformation processing device 20, information storage device 22,monitoring server 24 and communication gateway 26.

The information backup and recovery site 14 preferably comprises atleast one information backup and recovery server 30, at least oneinformation storage device 32 and at least one communication gateway 34.The information backup and recovery server 30, the information storagedevice 32 and the communication gateway 34 are preferably interconnectedby interconnection 36, such as a LAN. As described hereinbelow withreference to FIGS. 5, 6, 8 and 9, interconnection 38 may be comprised ofone or more interconnections connected to devices in addition toinformation backup and recovery server 30, information storage device 32and communication gateway 34.

In accordance with a preferred embodiment of the present invention, theinformation processing site 12, in particular the monitoring server 24,sends backup information 40, preferably in accordance with embodimentsdescribed hereinbelow with reference to FIGS. 3A–4D, to the informationbackup and recovery site 14. It is appreciated that any suitablecommunication technology may be used to provide communication betweenthe monitoring servers 24, via the communication gateway 26 and theinterconnection 16 to the information backup and recovery site 14.

Recovery of backup information 40, that has been received at theinformation backup and recovery site 14 from the information processingsite 12, is provided for, preferably in accordance with embodimentsdescribed hereinbelow with reference to FIGS. 6 & 7, in the event offailure of information processing site 12. Recovery information is sentfrom the backup and recovery site 14, via the interconnection 16, to theinformation processing site 12, as indicated by arrows 42. Theinformation structure of information processing site 12, such as filesand databases, is recovered from the information received from backupand recovery site 14.

Alternatively, in the event of failure of information processing site12, the backup and recovery site 14 is used as an information processingsite instead of the failed information processing site 12. In analternative embodiment of the present invention, when part of theinformation processing site 12 remains functional, portions of thebackup and recovery site 14 are configured to work together with thefunctional portions of information processing site 12. For example, inthe event of failure of the storage device 22, the remaining portions ofinformation processing site 12 would be connected via theinterconnection 16 to the backup and recovery site 14 that wouldfunction as the information storage device 22.

Reference is now made to FIG. 2A, which is a simplified illustration ofa preferred embodiment of an information processing site communicatingbackup information in accordance with the present invention. As seen inthe embodiment of FIG. 2A, the interconnection 28 includes a LAN 50,application servers 54 and a storage area network (SAN) 56, withcorresponding communication links to the information processing devices20, the information storage devices 22, the monitoring server 24 and thecommunication gateway 26. The communication gateway 26 is connected tothe LAN 50, while the monitoring server 24 is connected to both the SAN56 and the LAN 50.

The information processing devices 20 typically communicateinput-and-output (I/O) requests 60, over the LAN 50, to the applicationservers 54, which, in turn, communicate the corresponding storage I/Orequests 62 to the information storage devices 22 via the SAN 56. It isappreciated that the application servers 54 may convert each I/O request60 into a plurality of storage I/O requests 62. The monitoring server 24monitors the storage I/O requests 62 over the SAN 56, as indicated bystream of data 63, and sends the corresponding backup informationrecords 64, via the LAN 50, the communication gateway 26 and theinterconnection 16, to the information backup and recovery site 14.

Reference is now made to FIG. 2B, which is a simplified illustration ofanother preferred embodiment of an information processing sitecommunicating backup information in accordance with the presentinvention. In the embodiment of FIG. 2B, the monitoring server 24 andthe communication gateway 26 are connected to the SAN 56. The monitoringserver 24 monitors the storage I/O requests 62, as indicated by element63, and communicates the corresponding backup information records 64,via the SAN 56, the communication gateway 26 and the interconnection 16,to the information backup and recovery site 14.

Reference is now made to FIG. 2C, which is a simplified illustration ofyet another preferred embodiment of an information processing sitecommunicating backup information in accordance with the presentinvention. In this embodiment, a storage network switching andmonitoring device 66 functions as a storage network switch, or a similartype of network equipment, with an additional functionality of themonitoring server 24. The application servers 54 communicate storage I/Orequests 62 to the storage devices 22 via the storage network switchingand monitoring device 66. The storage network switching and monitoringdevice 66 monitors the storage I/O requests 62 and communicates thecorresponding backup information records 64, typically via the LAN 50,via the communication gateway 26 and via the interconnection 16, to theinformation backup and recovery site 14.

Reference is now made to FIG. 2D, which is a simplified illustration ofstill another preferred embodiment of the information processing sitecommunicating backup information in accordance with the presentinvention. As seen in FIG. 2D, application server 68 includes thefunctionality of the monitoring server 24, typically as a softwarecomponent. The monitoring server functionality within the applicationserver 68 monitors the I/O requests 60 or 62 and communicates thecorresponding backup information records 64, via the LAN 50, thecommunication gateway 26 and the interconnection 16, to the informationbackup and recovery site 14.

Reference is now made to FIG. 2E, which is a simplified illustration ofyet another preferred embodiment of the information processing sitecommunicating backup information in accordance with the presentinvention. In this embodiment, one or more information storage devices22 are replaced by monitoring storage devices 70 which include thefunctionality of a monitoring server and an information storage device.It is appreciated that a monitoring storage device 70 can monitor one ormore additional information storage devices 22, as shown. Theapplication servers 54 communicate the storage I/O requests 62 to themonitoring storage devices 70. The monitoring storage devices 70 monitorthe storage I/O requests 62 and communicate the corresponding backupinformation records 64, via the LAN 50, the communication gateway 26 andthe interconnection 16, to the information backup and recovery site 14.

Reference is now made to FIG. 2F, which is a simplified illustration ofa further preferred embodiment of the information processing sitecommunicating backup information in accordance with the presentinvention. As seen in FIG. 2F, the monitoring server 24 monitors the I/Orequests 60 over the LAN 50, as indicated by element 63, and sends thecorresponding backup information records 64, via the LAN 50, thecommunication gateway 26 and the interconnection 16, to the remoteinformation backup and recovery site 14.

Reference is now made to FIG. 2G, which is a simplified illustration ofanother preferred embodiment of the information processing sitecommunicating backup information in accordance with the presentinvention. The embodiment of FIG. 2G is similar to the embodiment ofFIG. 2A, except in that LAN 50 of FIG. 2A is comprised of multiple LANs50 in FIG. 2G, typically remotely located from each other, connected viainterconnection 76, and SAN 56 of FIG. 2A is comprised of multiple SANs56 in FIG. 2G, typically remotely located from each other, connected viainterconnection 78. It is appreciated that while the embodiment of FIG.2G shows both interconnections 76 and 78, only one of these twointerconnections need be operative according to the present invention.It is also appreciated that multiple interconnected LANs 50 and SANs 56can be employed using any of the embodiments shown and described inFIGS. 2A–2F.

FIG. 2G also illustrates an embodiment of the present invention whichincludes remote storage devices 80, typically Network Attached Storage(NAS) devices. In this embodiment, information processing devices 20communicate I/O requests 82 to remote storage devices 80. Monitoringserver 24 monitors the I/O requests 82 and communicates thecorresponding backup information records 64, typically via the LAN 50,via the communication gateway 26 and via the interconnection 16 to theremote information backup and recovery site 14.

It is appreciated that in any of the embodiments of FIGS. 2A–2G, thecommunications gateway 26 can be connected to the SAN 56 instead of theLAN 50, as is illustrated in the embodiment shown is FIG. 2B. It isfurther appreciated that in the configurations of FIGS. 2A–2G thefunctionality of the communication gateway 26, as well as at least aportion of the functionality of information storage device 22, may beembodied in one of the application servers 54.

Reference is now made to FIGS. 3A and 3B, which are simplifiedillustrations of the flow of backup data in a data backup and recoverysystem and method constructed and operative in accordance with preferredembodiments of the present invention. As seen in FIG. 3A, the dataprocessing site 12 includes one or more information processing devices20, here specifically designated by reference numerals 90, 92 and 94,one or more information storage devices 22, here specifically designatedby reference numerals 96, 98, 100 and 102, and a data switching facility104. The data switching facility 104 comprises the interconnection 28,the monitoring server 24 and preferably also the communication gateway26 in accordance with any of the configurations shown and described withreference to FIGS. 2A–2G. It is appreciated that the data switchingfacility may comprise a local area network (LAN), a storage area network(SAN), a data router, a data switch, a computer back-plane or any otherdevice providing a similar functionality or any combination thereof.

In accordance with the preferred embodiment of the present inventionillustrated in FIG. 3A, the information processing server 90 hosts oneor more information processing jobs 106, here specifically designated byreference numerals 110 and 112 and by the letters A and B, respectively.The information processing device 92 hosts one or more informationprocessing jobs 106, here specifically designated by reference numeral114 and by the letter C. The information processing device 94 hosts oneor more information processing jobs 106, here specifically designated byreference numerals 116 and 118, and by the letters D and E,respectively.

Each of the information processing jobs 106 has a stream of data 120which flows to the data switching facility 104. The streams of data 120of the data processing jobs 110, 112, 114, 116 and 118 are respectivelyspecifically designated by reference numerals 122, 124, 126, 128 and130. Each stream of data 120 comprises a sequence of data records 132,which are converted by data switching facility 104 into data records134. The data records 132 are typically identical to the I/O requests 60and the data records 134 are typically identical to the storage I/Orequests 62 of FIGS. 2A–2G. Each data record is specifically designatedby a combination of the designation letter of the originatinginformation processing job 106 and a sequential number of the record inthe stream of data 120. For example, the data records 132 sent by thedata processing job 110, designated by the letter A, are designated A1,A2, A3 and so on according to the order they are sent, wherein datarecord A1 precedes data record A2.

It is appreciated that the intra-sequence order of the data records 132within a stream of data 120 is at least partially a material feature ofthe processing job 106. It is also appreciated that the inter-sequenceorder of data records 132 between some of the streams of data 120 may beat least partially a material feature of the corresponding informationprocessing jobs 106. Consequently, it is appreciated that theintra-sequence and the inter-sequence order of data records 134 may beat least partially a material feature of the information processing jobs106. For example, if the data records 134 are not written to theinformation storage devices 22 in the appropriate order, the integrityof the information may be adversely affected. It is further appreciatedthat the transmission time delay between records 132, within a stream ofdata 120 or between streams of data 120, may be variable or evenpractically random. The overall order in which the data records 132 arereceived by the data switching facility 104 is designated by the letterT followed by a numeral that represent the inter-sequence order of thedata records 132. Namely, a data record designated by T7 always followsa data record T6 and precedes a data record T8. For example, data recordA3T7 follows the data record B4T6 and precedes the data record D2T8.

As seen in FIG. 3A, the data switching facility 104 distributes the datarecords 134 to the appropriate data storage devices 22. To perform thedistribution task the data switching facility 104 has a stream of data138 to each of the four data storage devices 22. The streams of data 138to the data storage devices 96, 98, 100 and 102 are respectivelyspecifically designated by reference numerals 140, 142, 144 and 146.

As seen in FIG. 3A, the data processing job 110, also designated by theletter A, sends data records 132, converted by data switching facility104 into data records 134, designated with a prefix A, to data storagedevices 96, 98, 100 and 102; data processing job 112, also designated bythe letter B, sends data records 132, converted by data switchingfacility 104 into data records 134, designated with a prefix B, to datastorage devices 98 and 100; data processing job 114, also designated bythe letter C, sends data records 132, converted by data switchingfacility 104 into data records 134, designated with a prefix C, to datastorage devices 96 and 98; data processing job 116, also designated bythe letter D, sends data records 132, converted by data switchingfacility 104 into data records 134, designated with a prefix D, to datastorage device 102 and data processing job 118, also designated by theletter E, sends data records 132, converted by data switching facility104 into data records 134, designated with a prefix E, to data storagedevice 100 and 102.

It is appreciated that in order to ensure the integrity of theinformation in the information storage devices 22, the data records 134must be written to the information storage devices 22 in the order theyare received by the interconnection 28. It is especially important thatthe writing of a data record 134 must be finished before the writing ofa related and later data record 134 is started. This requirement isequally valid for I/O operations in the information processing site 12and for I/O operations in the information backup and recovery site 14.Preferably, the inter-sequence order values are implemented as timevalues, where such time value typically represents the time in which therespective data record 132 is received at the interconnection 28. In apreferred embodiment of the present invention, the monitoring server 24creates a backup information record 64 and sends it to the informationbackup and recovery site 14 as soon as the corresponding data record 132is received by interconnection 28 and detected by the monitoring server24.

Referring now to FIG. 3B, the data switching facility 104, typically theapplication servers 54 within interconnection 28 within the dataswitching facility 104, converts each data record 132 into a pluralityof data records 134. In the embodiment shown in FIG. 3B, the datarecords 132, designated by A1, A2 and B1, are converted into datarecords 134, A1.1T1, A1.2T3, A1.3T8; A2.1T6, A2.1T9 and B1.1T2, B1.2T7,B1.3T11, respectively. Preferably, the monitoring server 24 creates abackup information record 64 for each data record 134. The monitoringserver 24 then sends the backup information records 64 to theinformation backup and recovery site 14, preserving the order in whichthe backup information records 64 are written to the information storagedevices 22, as will be discussed hereinbelow with reference to FIGS.4A–5.

Reference is now made to FIGS. 4A, 4B, 4C and 4D. FIGS. 4A and 4B, takentogether, are a simplified illustration of the flow of backup data fromthe information processing site 12, via the interconnection 16, to theinformation backup and recovery site 14. FIG. 4A illustrates themonitoring server 24 sending the backup information records 64 via thecommunication gateway 26 to the interconnection 16 and FIG. 4Billustrates the data backup and recovery site 14 receiving the backupinformation records 64 from the interconnection 16 via the communicationgateway 34.

As seen in FIG. 4A, the backup information records 64 are specificallydesignated by reference numerals 150 to 159 according to the order theyare sent by monitoring server 24. Preferably, the monitoring server 24creates a backup information record 64 and sends it as soon as a datarecord 134 is detected by the monitoring server 24.

It is appreciated that the order in which the backup information records64 are received at the information backup and recovery site 14 may bedifferent from the order in which backup information records 64 are sentby the monitoring server 24 of the information processing site 12, asseen in FIG. 4B.

The backup information records 64 are marked by the monitoring server 24with corresponding order stamps 162. The order stamps 162 designate theorder in which the corresponding backup information records 64 arereceived by the interconnection 28. In the embodiment of FIGS. 4A and4B, which corresponds to the embodiment of FIG. 3A, the order stamp 162comprises the designation letter of the information processing job 106that originated the I/O requests 60 for which the specific backupinformation records 64 is sent, followed by the sequential number of theI/O request 60 in the stream of data 120, followed by the letter “T” andthe overall sequential number that designates the order of arrival ofthe I/O request 60 at the interconnection 28.

In another preferred embodiment of the present invention, the orderstamp 162 comprises a time mark that designates the order of arrival ofthe I/O requests 60 or the storage I/O requests 62 at theinterconnection 28 and their detection by the monitoring server 24.

FIGS. 4C and 4D, taken together, are a simplified illustration of theflow of backup data from the information processing site 12, via theinterconnection 16, to the information backup and recovery site 14 inanother preferred embodiment of the present invention. As seen in FIGS.4C and 4D, the order stamp 162 comprises an order mark, typically anumerator, designating the order of arrival of the I/O request 60 or thestorage I/O requests 62 at the interconnection 28 and their detection bythe monitoring server 24, and a time mark, designating the time ofarrival of the I/O request 60 or the storage I/O requests 62 at theinterconnection 28 and their detection by the monitoring server 24. Theorder mark is designated in FIGS. 4C and 4D by the letter N followed byan integer and the time mark is designated by the letter T followed by atime value represented by an integer.

Reference is now made to FIG. 5, which is a simplified illustration ofthe flow of backup data into and within the information backup andrecovery site 14 in accordance with a preferred embodiment of thepresent invention. As seen in FIG. 5, the information backup andrecovery site 14 comprises a communication gateway 34, a data switchingfacility 170, typically communicating with one or more informationbackup and recovery servers 30, here specifically designated byreference numerals 172 and 174, which communicate with one or moreinformation storage devices 32, here specifically designated byreference numerals 176, 178, 180 and 182, typically via anotherinformation switching facility 184. The information backup and recoveryservers 30 have a temporary memory 186, implemented in FIG. 5 as sharedredundant disk storage. It is appreciated that the temporary memory 186can comprise a RAM memory, a non-volatile memory, a log file stored inthe disk storage system, or any other suitable temporary storage device.

In the embodiment shown in FIG. 5, the information switching facilities170 and 184 may be a local area network (LAN), a data router, a dataswitch, a storage area network (SAN), a computer back-plane or any otherdevice providing a similar functionality.

In the embodiment of FIG. 5, the two backup and recovery servers 30 areprovided for redundancy and enhanced reliability. It is appreciated thata single information backup and recovery server 30 as well as more thantwo information backup and recovery servers 30 can be used. It isfurther appreciated that the functionality of the communication gateway34, as well as the functionality of part or all of information storagedevices 32, may be embodied in one of the information backup andrecovery servers 30.

As seen in FIG. 5, the backup information records 64 are received at thedata-switching device 170, which distributes the backup informationrecords 64 to the backup and recovery servers 30. The backup andrecovery servers 30 distribute the data records to the data storagedevices 32.

In a preferred embodiment of the present invention, the backup andrecovery servers 30 store the backup information records 64 that arereceived out of sequence in the temporary memory 186, until the sequenceis completed. Typically, the information backup and recovery site 14verifies that a sequence is completed by checking the order stamps 162of the backup information records 64 in the temporary memory.Preferably, the order stamps 162 are a sequence of integer numbers andthe information backup and recovery site 14 verifies that a completesequence of one or more order stamps 162 exists in the temporary memory.When a complete sequence of order stamps 162, corresponding to backupinformation records 64, following the earliest available order stamp 162is found in temporary memory, the information backup and recovery site14 writes this sequence of backup information records 64 to the datastorage devices 32. Preferably, the backup information records 64 arewritten to the data storage devices 32 in their respective orderaccording to their order stamps 162.

For example, as shown in FIG. 4D, the backup information records 64designated by reference numerals 150, 151 and 152 are received at theinformation backup and recovery site 14 in the order 152, 150, 151. Thebackup information records 64 designated by reference numerals 152 and150, with order stamps 162 N2T2 and N3T3 respectively, were stored inthe temporary memory 186 until the backup information records 64designated by reference numeral 151, with order stamp 162 N1T1 wasreceived and the sequence was completed. Then, as seen in FIG. 5, thebackup information records 64, designated by reference numerals 150,151, and 152, are written to the data storage devices 32. In the exampleshown in FIG. 5, the backup information records 64 are written to thedata storage devices 32 in the order they have been written to theinformation storage devices 22, namely 151, 152, and 150, according totheir corresponding order stamps 162, N1T1, N2T2 and N3T3.

As also seen in FIG. 4D, the backup information records 64 designated byreference numerals 156 and 154, bearing the corresponding order stamps162 N6T6 and N5T5, are received next. As seen in FIG. 5, the backupinformation records 64 designated by reference numerals 156 and 154 arestored in the temporary memory 186 until the backup information record64 designated by reference numeral 153 and bearing the order stamp 162N4T4 is received.

In a preferred embodiment of the present invention the backup andrecovery servers 30 check the storage addresses where the backupinformation records 64 are to be written to. The backup informationrecords 64 that are not being sent to the same data storage devices 32are written in parallel, not necessarily according to the order of theirorder stamps 162.

In a preferred embodiment of the present invention, the backup andrecovery servers 30 check the storage addresses where the backupinformation records 64 are to be written to. If more than one backupinformation record 64 is to be written to the same place in the datastorage devices 32, the backup and recovery server 30 writes only thelast backup information record 64 to be written to that same place. Itis appreciated that this procedure enables the backup and recoveryserver 30 to quickly purge the temporary memory 186 to the data storagedevices 32.

It is appreciated that each sequence completion serves as a point ofsynchronization between the information processing site 12 and theinformation backup and recovery site 14, or as a point of consistency ofthe backup information received at the information backup and recoverysite 14.

It is appreciated that in case of a failure of the backup and recoverysite 14 during the process of writing backup information records 64 tothe information storage devices 32 an internal recovery process canemploy the information stored in the temporary memory 186, especiallywhen implemented in non-volatile memory or as a log file in the diskstorage system, to recover backup information up and until the latestbackup information record 64 in the temporary memory 186 for which thesequence of order stamps 162 is complete.

It is appreciated that the information recovery process, which follows afailure of the information processing site 12, can recover theinformation up to the latest backup information record 64, which maystill reside in the temporary memory 186, provided that informationconsistency is preserved, for example, up and until the latest backupinformation record 64 for which the sequence of order stamps iscomplete.

In an alternative embodiment of the information backup and recovery site14 of the present invention, designated as “log-based backup”, the orderby which the backup information records 64 are stored in the informationstorage devices 32 is immaterial, and, for example, can be the order oftheir arrival at the information switching facility 170. In thisembodiment, the backup information records 64 and the correspondingorder stamps 162 are stored in the data storage devices. Alternatively,the order stamps 162 are stored separately from the backup informationrecords 64, for example, in a separate file or even in a separateinformation storage device 32, and are associated with their respectivebackup information records 64, for example, with a pointer embedded ineach order stamp 162 pointing to the respective backup informationrecord 64. In this embodiment, the backup information records 64 storedin the information storage devices 32 of the information backup andrecovery site 14 are used in the recovery process. The recovereddata-structure can be rebuilt in the information processing site 12 orin the information backup and recovery site 14.

It is appreciated that in the case of a failure of the informationprocessing site 12, all the storage I/O requests 62 that have not yetbeen sent to the backup and recovery site 14 are lost.

In the preferred embodiment of the present invention, shown anddescribed with reference to FIGS. 1–5, the backup processes enable theinformation processing site 12 to transmit the storage I/O requests 62to the information backup and recovery site 14 without any delay,greatly reducing the possibility that storage I/O requests 62 areawaiting transmission to the information backup and recovery site 14 andare thus lost. Additionally, the backup processes described enable theinformation backup and recovery site 14 to identify the points ofsynchronization, or the points of consistency, without requiring theinformation processing site 12 to delay the sending of more I/O requests62 until the recent point of synchronization is identified. Theinformation processing site 12 also does not wait to receive anacknowledgement from the information backup and recovery site 14 that asynchronization point has been identified.

Additionally, in the preferred embodiment of the present inventiondescribed above, there is no requirement to define the points ofsynchronization in advance. Advance definition of the points ofsynchronization typically results in relatively low frequency of pointsof synchronization. Thus, in the case of a failure of the informationprocessing site 12, I/O requests 62 that are received at the informationbackup and recovery site 14 since the last synchronization point aredeemed lost, even if these I/O requests 62 are already written to theinformation storage devices 32. Also, synchronization at the informationprocessing site 12 causes delays in the sending of the backupinformation records 64 and therefore increases the possibility ofcongestion, and decreases the efficiency, of the interconnection 16.

Thus, the present invention provides for less potential data loss in theevent of a failure of the information processing site 12, as well asincreased efficiency of the interconnection 16.

Reference is now made to FIGS. 6 and 7, which are simplifiedillustrations of the flow of recovery data within a data backup andrecovery system and method constructed and operative in accordance witha preferred embodiment of the present invention. The embodiment of FIGS.6 and 7 describes the flow of recovery data from the information backupand recovery site 14, which enables the recovery of the data-structureat the information processing site 12, in the case of a “log-basedbackup”. As seen in FIGS. 6 and 7, the backup information records 64 aretransmitted to the information processing site 12 according to theirrespective order stamps 162, with the backup information records 64associated with the earlier order stamps 162 being sent first. Thebackup information records 64 are thus transmitted to the informationprocessing site 12 in the order they were originally sent by theiroriginating information processing job 106. In the process of datarecovery of FIGS. 6 and 7, the data-structure is recovered in theinformation processing site 12 and further processing continues in theinformation processing site 12 after the recovery of the data-structureis completed. Alternatively, the information processing activitycontinues directly from the data-structure in the information backup andrecovery site 14.

Reference is now made to FIG. 8, which is a simplified illustration ofthe flow of backup information and associated order stamps from aplurality of monitoring servers 24 operative in accordance with apreferred embodiment of the present invention. As seen in FIG. 8, aplurality of monitoring servers 24 send backup information records 64and corresponding order stamps 162 to backup and recovery site 14. It isappreciated that the monitoring servers 24 are operative to assign orderstamps 162 to the backup information records 64, wherein the orderstamps 162 comprise a universal order information, typically a timestamp, providing the order of the backup information records 64 acrossall monitoring servers 24. Additionally and alternatively, the orderstamps 162 may comprise a global order stamp, typically a singlenumerator that is common to all the monitoring servers 24. The pluralityof monitoring servers 24 of FIG. 8 may be part of a single informationprocessing site 12, as is shown and described in FIGS. 2D, 2E and 2G ormay be located in multiple information processing sites 12. Theplurality of monitoring servers 24 enables the information processingsite 12 to send the backup information records 64 in parallel. Thisconfiguration decreases the number of storage I/O requests 62 that maybe lost in the case of a failure of the information processing site 12.

Reference is now made to FIG. 9, which is a simplified illustration ofthe flow of backup information and separate, associated, order stamps,from a plurality of information processing sites operative in accordancewith another preferred embodiment of the present invention. As seen inthe embodiment of FIG. 9, the backup information records 64, bearingtheir order stamps 162, are sent via a first interconnection 16, herespecifically designated by reference numeral 190, and written directlyto the temporary memory 186 of the backup and recovery site 14. Theorder stamps 162, here specifically designated by reference numeral 192,are also sent to the backup and recovery site 14, in parallel to thebackup information records 64, via a second interconnection 16, herespecifically designated by reference numeral 194, to the informationbackup and recovery servers 30. Each of the order stamps 192 typicallycomprises a pointer that associates the order stamp 192 with itscorresponding backup information record 64. Typically, when theinformation backup and recovery servers 30 detect a complete sequence oforder stamps 192, the information backup and recovery servers 30retrieve the corresponding backup information records 64 from thetemporary memory 186 and write them to the information storage devices32.

Reference is now made to FIGS. 10A and 10B, which, taken together, forma simplified flow chart of a typical procedure, executed by theinformation backup and recovery servers 30 of a data backup and recoverysystem, comprising a multiplicity of monitoring servers 24, as shown anddescribed above with reference to FIGS. 8 and 9, in accordance with apreferred embodiment of the present invention, to manage the temporarymemory 186.

As seen in FIG. 10A, in steps 200 and 202, the information backup andrecovery server 30 receives a backup information record 64 and stores itin the temporary memory 186, in a queue associated with the monitoringserver 24 from which the backup information record 64 has been received.In step 204 the information backup and recovery server 30 attempts tocreate a complete sequence of backup information records 64 for thespecific monitoring server 24. If the attempt succeeds (step 206), thebackup and recovery server 30 updates the “last order mark” and the“last time mark” fields that are associated with the specific monitoringserver 24 according to the order mark and the time mark of the lastbackup information records 64 in the complete sequence (step 208) andproceeds to scan the temporary memory 186 (FIG. 10B). If the attempt tocreate a complete sequence fails, the procedure ends.

As seen in FIG. 10B, the procedure of scanning the temporary memoryfirst checks that all the monitoring servers 24 have a complete sequence(step 210). If all the monitoring servers 24 have a complete sequencethe procedure calculates (step 212) the values of “next consistencypoint”, which is the earliest of the “last time marks” of all thecomplete sequences. As described hereinabove with reference to FIG. 10A,a “last time mark” is created for each complete sequence.

Optionally, as shown and described in FIG. 10B, the procedure executessteps 214 and 216, in which all backup information records 64 which areto be written to the same area in the information storage device 32 areerased except for the latest backup information record 64.

The procedure then proceeds to steps 218 and 220 in which all the backupinformation records 64 in the temporary memory 186, with a time markearlier or equal to the “next consistency point”, are written to theinformation storage devices 32 and then erased from the temporary memory186.

Reference is now made to Appendix 1, which is a computer listing whichforms a preferred software embodiment of the present invention.

A preferred method for installing and running the software listing ofthe CD-ROM Appendix 1 is as follows:

1. SANSafe Management Server Installation:

-   1.1. Provide an Intel compatible computer with a minimum of 512 MB    RAM, 350 Mhz CPU, 30 Gigabyte Hard disk, and a network interface    card. Install a Microsoft Windows 2000 operating system and    Microsoft Internet Explorer. Ensure that the Virtual memory page    size is configured to allow growth to 4 gigabytes.-   1.2. Provide connectivity via a Local Area Network and/or a Wide    Area Network.-   1.3. Unhex the computer listing 42541.HEX of Appendix 1 using HEX IT    V1.8 or greater by John Augustine, 3129 Earl St., Laureldale, Pa.    19605 creating file 42541.ZIP.-   1.4. Decompress the file 42541.ZIP using WINZIP version 6.2 or    greater, extracting all files into their respective directories    utilizing the WINZIP version 6.2 option “Use folder names”.-   1.5. Open the Windows explorer.-   1.6. Double click on the Management Server directory labeled “MGMT    Server SetUp”.-   1.7. Double click on the setup icon.-   1.8. Follow the default prompts provided therein.    2. SANSafe Management Client Installation:-   2.1. Provide an Intel compatible computer with a minimum of 128 MB    RAM, 350 Mhz CPU, and a network interface card. Install a Microsoft    Windows 2000 operating system and Microsoft Internet Explorer.-   2.2. Provide connectivity via a Local Area Network and/or a Wide    Area Network.-   2.3. Unhex the computer listing 42541.HEX of Appendix 1 using HEX IT    V1.8 or greater by John Augustine, 3129 Earl St., Laureldale, Pa.    19605 creating file 42541.ZIP.-   2.4. Decompress the file 42541.ZIP using WINZIP version 6.2 or    greater, extracting all files into their respective directories    utilizing the WINZIP version 6.2 option “Use folder names”.-   2.5. Open the Windows explorer.-   2.6. Double click on the Management Client directory labeled “MGMT    Client SetUp”,-   2.7. Double click on the setup icon.-   2.8. Follow the default prompts provided therein.    3. Replication Appliance Installation:-   3.1. Provide an Intel compatible computer with a minimum of 512 MB    RAM, 350 Mhz CPU, 30 Gigabyte Hard disk, and a network interface    card. Install a Microsoft Windows 2000 operating system and    Microsoft Internet Explorer. Ensure that the Virtual memory page    size is configured to allow growth to 4 gigabytes.-   3.2. Provide connectivity via a Local Area Network and/or a Wide    Area Network.-   3.3. Unhex the computer listing 42541.HEX of Appendix 1 using HEX IT    V1.8 or greater by John Augustine, 3129 Earl St., Laureldale, Pa.    19605 creating file 42541.ZIP.-   3.4. Decompress the file 42541.ZIP using WINZIP version 6.2 or    greater, extracting all files into their respective directories    utilizing the WINZIP version 6.2 option “Use folder names”.-   3.5. Open the Windows explorer.-   3.6. Double click on the Replication Appliance directory labeled    “Replication Appliance SetUp”.-   3.7. Double click on the setup icon.-   3.8. Follow the default prompts provided therein.    4. Installing the Replication Agent:-   4.1. Provide an Intel compatible computer with a minimum of 512 MB    RAM, 350 Mhz CPU, 30 Gigabyte Hard disk, and a network interface    card. Install a Microsoft Windows 2000 operating system and    Microsoft Internet Explorer. Ensure that the Virtual memory page    size is configured to allow growth to 4 gigabytes.-   4.2. Provide connectivity via a Local Area Network and/or a Wide    Area Network.-   4.3. Unhex the computer listing 42541.HEX of Appendix 1 using HEX IT    V1.8 or greater by John Augustine, 3129 Earl St., Laureldale, Pa.    19605 creating file 42541.ZIP.-   4.4. Decompress the file 42541.ZIP using WINZIP version 6.2 or    greater, extracting all files into their respective directories    utilizing the WINZIP version 6.2 option “Use folder names”.-   4.5. Open the Windows explorer.-   4.6. Double click on the Replication Agent directory labeled    “Replication Agent SetUp”.-   4.7. Double click on the setup icon.-   4.8. Follow the default prompts provided therein.    5. Running the SANSafe Management Server:-   5.1. On the computer terminal referenced in step 1.1:-   5.1.1. Ensure connectivity via a Local Area Network to the    Replication appliance referenced in step 3.-   5.1.2. Click on “Start”-   5.1.3. Select “Programs”-   5.1.4. Click on “SANSafe Management Server”    6. Running the SANSafe Management Client:-   6.1. On the computer terminal referenced in step 2.1:-   6.1.1. Ensure connectivity via a Local Area Network and/or a Wide    Area Network to the Management Server machine referenced in step 1    above.-   6.1.2. Open the Microsoft Internet Explorer Browser.-   6.1.3. Open MGMT/SANSafe/SanPro.html.    7. Running the Replication Appliance:-   7.1. On the computer terminal referenced in step 3.1:-   7.1.1. Ensure connectivity via a Local Area Network and/or a Wide    Area Network to the Replication Agent referenced in step 4 above.-   7.1.2. Click on “Start”-   7.1.3. Select “Programs”-   7.1.4. Click on “SANSafe Replication Appliance”    8. Running the Replication Agent:-   8.1. On the computer terminal referenced in step 4.1:-   8.1.1. Ensure connectivity via a Local Area Network and/or a Wide    Area Network to the Replication Appliance machine referenced in step    3 above.-   8.1.2. Right click on the “my computer” icon-   8.1.3. Select “Manage”-   8.1.4. Double Click on “Services and Applications”-   8.1.5. Double click on “Services”-   8.1.6. Right click on “SANSafe Replication Agent”-   8.1.7. Select “Start”

It is appreciated that the particular embodiment implemented by theappendix is intended only to provide an extremely detailed disclosure ofthe present invention and is not intended to be limiting.

It will be appreciated by persons skilled in the art that the presentinvention is not limited by what has been particularly shown anddescribed herein above. Rather the scope of the present inventionincludes both combinations and subcombinations of the various featuresdescribed hereinabove as well as variations and modifications whichwould occur to persons skilled in the art upon reading thespecifications and which are not in the prior art.

1. A data backup and recovery system for use with at least one serverinterconnected with at least one storage device, said data backup andrecovery system comprising: at least one data recovery device; at leastone data recovery storage device comprising a permanent storagecomponent associated with and controlled by said at least one datarecovery device; and at least one data communication monitor forproviding to said at least one data recovery device at least controlinformation bearing an order stamp including an order mark and a timemark regarding data communications between corresponding ones of said atleast one server and said at least one storage device, said at least onedata recovery device being responsive to at least said controlinformation bearing an order stamp for storing data on said permanentstorage component of said at least one data recovery storage device in amanner which enables reconstruction of a complete sequence of datacommunications for each of said at least one data communication monitorand enables reconstruction of a representation of said datacommunications at a given earlier time but does not require that thedata be sent to said at least one data recovery device in a given orderand stored on said permanent storage component of said at least one datarecovery storage device in a given order before re-ordering the data. 2.A data backup and recovery system according to claim 1 and wherein atleast one of said at least one data communication monitor is locatedother than at said at least one storage device.
 3. A data backup andrecovery system according to claim 1 and wherein said at least one datacommunication monitor also provides at least part of said datacommunications to said at least one data recovery device.
 4. A databackup and recovery system according to claim 2 and wherein said atleast one data communication monitor also provides at least part of saiddata communications to said at least one data recovery device.
 5. A databackup and recovery system according to claim 1 and wherein said atleast one data recovery device is operative to receive said at leastcontrol information and to store data on said at least one data recoverystorage device in parallel.
 6. A data backup and recovery systemaccording to claim 1 and wherein said data communications comprise dataupdates.
 7. A data backup and recovery system according to claim 1 andwherein said reconstruction of a representation of said datacommunications at a given earlier time guarantees that if the orderstamp of a first update is smaller than the order stamp of a secondupdate, the second update is not stored on said at least one datarecovery storage device unless the first update is stored on said atleast one data recovery storage device.
 8. A data backup and recoverysystem according to claim 1 and wherein individual ones of said at leastone data communication monitor are associated with individual ones ofsaid at least one server.
 9. A data backup and recovery system accordingto claim 1 and wherein said at least one data communication monitor isassociated with network elements of a storage area network.
 10. A databackup and recovery system according to claim 1 and wherein at least oneof said control information and said data communications is communicatedfrom said at least one data communication monitor to said at least onedata recovery device via a network.
 11. A data backup and recoverysystem according to claim 10 and wherein said network is a privatenetwork.
 12. A data backup and recovery system according to claim 10 andwherein said network is a public network.
 13. A data backup and recoverysystem according to claim 1 and wherein at least one of said controlinformation and said data communications is communicated from said atleast one data communication monitor to said at least one data recoverydevice via a storage area network.
 14. A data backup and recovery systemaccording to claim 1 and wherein said at least one data communicationmonitor provides at least part of said data communications to said atleast one data recovery storage device other than via said at least onedata recovery device.
 15. A data backup and recovery system according toclaim 1 and also comprising at least one LOG storage device wherein saidat least one LOG storage device comprises at least control informationbearing a time mark regarding data communications between correspondingones of said at least one server and said at least one storage devicevia a storage area network.
 16. A data backup and recovery systemaccording to claim 15 and wherein said at least one data communicationmonitor also stores at least part of said data communications to said atleast one LOG storage device.
 17. A data backup and recovery systemaccording to claim 16 and wherein said data communications stored tosaid at least one LOG storage device comprise data updates sent by saidat least one server to said at least one storage device.
 18. A databackup and recovery system according to claim 17 having said at leastone LOG storage device such that if either said control information orsaid data communications or both are prematurely erased from said atleast one data recovery device due to a failure or other event, said atleast one data recovery device restores either said control informationor said data communications or both from said at least one LOG storagedevice.
 19. A data backup and recovery system according to claim 18 andwherein said at least one data recovery device resumes its activitieswith said control information or said data communications or bothrestored from said at least one LOG storage device.
 20. A data backupand recovery system according to claim 18 and wherein said at least partof said data communications is communicated from said at least one datacommunication monitor to said at least one LOG storage device via anetwork.
 21. A data backup and recovery system according to claim 20 andwherein said network is a private network.
 22. A data backup andrecovery system according to claim 20 and wherein said network is apublic network.
 23. A data backup and recovery system according to claim18 and wherein at least part of said data communications is communicatedfrom said at least one data communication monitor to said at least oneLOG storage device via said storage area network.
 24. A data backup andrecovery system according to claim 17 and wherein said at least one datarecovery device retrieves said at least part of said data communicationsfrom at least one LOG storage device for the purpose of storing saiddata to at least one data recovery storage device associated therewithin a time ordered manner.
 25. A data backup and recovery systemaccording to claim 17 wherein said at least one data recovery deviceretrieves both said control information and said at least part of saiddata communications from at least one LOG storage device for the purposeof storing said data to at least one data recovery storage deviceassociated therewith in a time ordered manner.
 26. A data backup andrecovery system according to claim 25 and wherein both said controlinformation and said at least part of said data communications arecommunicated from said at least one data communication monitor to saidat least one LOG storage device via a network.
 27. A data backup andrecovery system according to claim 26 and wherein said network is aprivate network.
 28. A data backup and recovery system according toclaim 26 and wherein said network is a public network.
 29. A data backupand recovery system according to claim 25 and wherein both said controlinformation and said at least part of said data communications arecommunicated from said at least one data communication monitor to saidat least one LOG storage device via said storage area network.
 30. Adata backup and recovery system according to claim 1 and wherein saidreconstruction of a representation comprises sending said datacommunications from said at least one data recovery storage device tosaid at least one storage device.
 31. A data backup and recovery systemaccording to claim 1 and wherein said reconstruction of a representationcomprises employing said at least one data backup and recovery system asat least one of said at least one server and said at least one storagedevice.
 32. A data backup and recovery system according to claim 1 andwherein said at least one server and said at least one storage deviceare interconnected via a local area network (LAN).
 33. A data backup andrecovery system according to claim 32 and wherein said at least one datacommunication monitor monitors data communications between said at leastone server and said at least one storage device over said LAN.
 34. Adata backup and recovery system according to claim 1 and wherein said atleast one server and said at least one storage device are interconnectedvia a storage area network (SAN).
 35. A data backup and recovery systemaccording to claim 34 and wherein said at least one data communicationmonitor monitors data communications between said at least one serverand said at least one storage device over said SAN.
 36. A data backupand recovery system according to claim 34 and wherein said SAN comprisessaid at least one data communication monitor.
 37. A data backup andrecovery system according to claim 1 and wherein said at least onestorage device is a network attached storage (NAS) device.
 38. A databackup and recovery system according to claim 1 and wherein said atleast one server comprises said at least one data communication monitor.39. A data backup and recovery system according to claim 1 and whereinsaid at least one storage device comprises said at least one datacommunication monitor.
 40. A data backup and recovery system for usewith at least one server interconnected with at least one storagedevice, said data backup and recovery system comprising: at least onedata recovery device; at least one data recovery storage devicecomprising a permanent storage component associated with and controlledby said at least one data recovery device; and data communicationmonitors for providing to said at least one data recovery device atleast control information bearing an order stamp including an order markand a time mark regarding data communications between corresponding onesof said at least one server and said at least one storage device, saidat least one data recovery device being operative to receive said atleast control information and to store data on said permanent storagecomponent of said at least one data recovery storage device in paralleland not requiring that the data be received by said at least one datarecovery device in a given order before re-ordering the data.
 41. A databackup and recovery system according to claim 40 and wherein at leastone of said at least one data communication monitor is located otherthan at said at least one storage device.
 42. A data backup and recoverysystem according to claim 41 and wherein said at least one datacommunication monitor also provides at least part of said datacommunications to said at least one data recovery device.
 43. A databackup and recovery system according to claim 40 and wherein said atleast one data communication monitor also provides at least part of saiddata communications to said at least one data recovery device.
 44. Adata backup and recovery system according to claim 40 and wherein saidat least one data recovery device is operative to receive said at leastcontrol information and to store data on said at least one data recoverystorage device in parallel.
 45. A data backup and recovery systemaccording to claim 40 and wherein said data communications comprise dataupdates.
 46. A data backup and recovery system according to claim 40 andwherein said reconstruction of a representation of said datacommunications at a given earlier time guarantees that if the orderstamp of a first update is smaller than the order stamp of a secondupdate, the second update is not stored on said at least one datarecovery storage device unless the first update is stored on said atleast one data recovery storage device.
 47. A data backup and recoverysystem according to claim 40 and wherein individual ones of said atleast one data communication monitor are associated with individual onesof said at least one server.
 48. A data backup and recovery systemaccording to claim 40 and wherein said at least one data communicationmonitor is associated with network elements of a storage area network.49. A data backup and recovery system according to claim 40 and whereinat least one of said control information and said data communications iscommunicated from said at least one data communication monitor to saidat least one data recovery device via a network.
 50. A data backup andrecovery system according to claim 49 and wherein said network is aprivate network.
 51. A data backup and recovery system according toclaim 49 and wherein said network is a public network.
 52. A data backupand recovery system according to claim 40 and wherein at least one ofsaid control information and said data communications is communicatedfrom said at least one data communication monitor to said at least onedata recovery device via a storage area network.
 53. A data backup andrecovery system according to claim 40 and wherein said at least one datacommunication monitor provides at least part of said data communicationsto said at least one data recovery storage device other than via said atleast one data recovery device.
 54. A data backup and recovery systemaccording to claim 40 and also comprising at least one LOG storagedevice wherein said at least one LOG storage device comprises at leastcontrol information bearing a time mark regarding data communicationsbetween corresponding ones of said at least one server and said at leastone storage device via a storage area network.
 55. A data backup andrecovery system according to claim 54 and wherein said at least one datacommunication monitor also stores at least part of said datacommunications to said at least one LOG storage device.
 56. A databackup and recovery system according to claim 55 and wherein said datacommunications stored to said at least one LOG storage device comprisedata updates sent by said at least one server to said at least onestorage device.
 57. A data backup and recovery system according to claim56 wherein said at least one data recovery device retrieves both saidcontrol information and said at least part of said data communicationsfrom at least one LOG storage device for the purpose of storing saiddata to at least one data recovery storage device associated therewithin a time ordered manner.
 58. A data backup and recovery systemaccording to claim 57 and wherein both said control information and saidat least part of said data communications are communicated from said atleast one data communication monitor to said at least one LOG storagedevice via said storage area network.
 59. A data backup and recoverysystem according to claim 57 and wherein both said control informationand said at least part of said data communications are communicated fromsaid at least one data communication monitor to said at least one LOGstorage device via a network.
 60. A data backup and recovery systemaccording to claim 59 and wherein said network is a private network. 61.A data backup and recovery system according to claim 59 and wherein saidnetwork is a public network.
 62. A data backup and recovery systemaccording to claim 56 and wherein said at least one data recovery deviceretrieves said at least part of said data communications from at leastone LOG storage device for the purpose of storing said data to at leastone data recovery storage device associated therewith in a time orderedmanner.
 63. A data backup and recovery system according to claim 54having said at least one LOG storage device such that if either saidcontrol information or said data communications or both are prematurelyerased from said at least one data recovery device due to a failure orother event, said at least one data recovery device restores either saidcontrol information or said data communications or both from said atleast one LOG storage device.
 64. A data backup and recovery systemaccording to claim 63 and wherein said at least one data recovery deviceresumes its activities with said control information or said datacommunications or both restored from said at least one LOG storagedevice.
 65. A data backup and recovery system according to claim 63 andwherein said at least part of said data communications is communicatedfrom said at least one data communication monitor to said at least oneLOG storage device via a network.
 66. A data backup and recovery systemaccording to claim 65 and wherein said network is a private network. 67.A data backup and recovery system according to claim 65 and wherein saidnetwork is a public network.
 68. A data backup and recovery systemaccording to claim 63 and wherein at least part of said datacommunications is communicated from said at least one data communicationmonitor to said at least one LOG storage device via said storage areanetwork.
 69. A method for data backup and recovery for use with at leastone server interconnected with at least one storage device, the methodcomprising: providing at least one data recovery device; providing atleast one data recovery storage device comprising a permanent storagecomponent associated with and controlled by said at least one datarecovery device; and providing at least one data communication monitoroperative to perform: monitoring the data communication between said atleast one server and said at least one storage device; creating at leastcontrol information bearing an order stamp including an order mark and atime mark regarding said data communications between corresponding onesof said at least one server and said at least one storage device; andsending said monitored data communications and said control informationto said permanent storage component of said at least one data recoverydevice, said at least one data recovery device responding to said atleast said control information in a manner which enables reconstructionof a complete sequence of data communications for each of said at leastone data communication monitor and enables reconstruction of arepresentation of said data communications at a given earlier time butnot requiring that said sending said monitored data communications andsaid control information to said permanent storage component of said atleast one data recovery device be in a given order and stored on said atleast one data recovery storage device in a given order beforere-ordering the data.
 70. A method for data backup and recoveryaccording to claim 69 and wherein at least one of said at least one datacommunication monitor is provided other than at said at least onestorage device.
 71. A method for data backup and recovery according toclaim 70 and wherein said at least one data communication monitor alsoprovides at least part of said data communications to said at least onedata recovery device.
 72. A method for data backup and recoveryaccording to claim 69 and wherein said at least one data communicationmonitor also provides at least part of said data communications to saidat least one data recovery device.
 73. A method for data backup andrecovery according to claim 69 and wherein said at least one datarecovery device is operative to receive said at least controlinformation and to store data on said at least one data recovery storagedevice in parallel.
 74. A method for data backup and recovery accordingto claim 69 and wherein said data communications comprise data updates.75. A method for data backup and recovery according to claim 69 andwherein said reconstruction of a representation of said datacommunications at a given earlier time guarantees that if the orderstamp of a first update is smaller than the order stamp of a secondupdate, the second update is not stored on said at least one datarecovery storage device unless the first update is stored on said atleast one data recovery storage device.
 76. A method for data backup andrecovery according to claim 69 and wherein individual ones of said atleast one data communication monitor are associated with individual onesof said at least one server.
 77. A method for data backup and recoveryaccording to claim 69 and wherein said at least one data communicationmonitor is associated with network elements of a storage area network.78. A method for data backup and recovery according to claim 69 andwherein at least one of said control information and said datacommunications is communicated from said at least one data communicationmonitor to said at least one data recovery device via a network.
 79. Amethod for data backup and recovery according to claim 78 and whereinsaid network is a private network.
 80. A method for data backup andrecovery according to claim 78 and wherein said network is a publicnetwork.
 81. A method for data backup and recovery according to claim 69and wherein at least one of said control information and said datacommunications is communicated from said at least one data communicationmonitor to said at least one data recovery device via a storage areanetwork.
 82. A method for data backup and recovery according to claim 69and wherein said at least one data communication monitor provides atleast part of said data communications to said at least one datarecovery storage device other than via said at least one data recoverydevice.
 83. A method for data backup and recovery according to claim 69and also comprising storing at least control information on at least oneLOG storage device, said at least control information bearing a timemark regarding data communications between corresponding ones of said atleast one server and said at least one storage device via a storage areanetwork.
 84. A method for data backup and recovery according to claim 83and wherein said at least one data communication monitor also stores atleast part of said data communications to said at least one LOG storagedevice.
 85. A method for data backup and recovery according to claim 84and wherein said data communications stored to said at least one LOGstorage device comprise data updates sent by said at least one server tosaid at least one storage device.
 86. A method for data backup andrecovery according to claim 85 such that if either said controlinformation or said data communications or both are prematurely erasedfrom said at least one data recovery device due to a failure or otherevent, said at least one data recovery device restores either saidcontrol information or said data communications or both from said atleast one LOG storage device.
 87. A method for data backup and recoveryaccording to claim 86 wherein said at least one data recovery deviceresumes its activities with said control information or said datacommunications or both restored from said at least one LOG storagedevice.
 88. A method for data backup and recovery according to claim 86and wherein said at least part of said data communications iscommunicated from said at least one data communication monitor to saidat least one LOG storage device via a network.
 89. A method for databackup and recovery according to claim 88 and wherein said network is aprivate network.
 90. A method for data backup and recovery according toclaim 88 and wherein said network is a public network.
 91. A method fordata backup and recovery according to claim 86 and wherein at least partof said data communications is communicated from said at least one datacommunication monitor to said at least one LOG storage device via saidstorage area network.
 92. A method for data backup and recoveryaccording to claim 85 wherein said at least one data recovery deviceretrieves said at least part of said data communications from at leastone LOG storage device for the purpose of storing said data to at leastone data recovery storage device associated therewith in a time orderedmanner.
 93. A method for data backup and recovery according to claim 85wherein said at least one data recovery device retrieves both saidcontrol information and said at least part of said data communicationsfrom at least one LOG storage device for the purpose of storing saiddata to at least one data recovery storage device associated therewithin a time ordered manner.
 94. A method for data backup and recoveryaccording to claim 93 and wherein both said control information and saidat least part of said data communications are communicated from said atleast one data communication monitor to said at least one LOG storagedevice via a network.
 95. A method for data backup and recoveryaccording to claim 94 and wherein said network is a private network. 96.A method for data backup and recovery according to claim 94 and whereinsaid network is a public network.
 97. A method for data backup andrecovery according to claim 93 and wherein both said control informationand said at least part of said data communications are communicated fromsaid at least one data communication monitor to said at least one LOGstorage device via said storage area network.
 98. A method for databackup and recovery according to claim 69 and wherein saidreconstruction of a representation comprises sending said datacommunications from said at least one data recovery storage device tosaid at least one storage device.
 99. A method for data backup andrecovery according to claim 69 and wherein said reconstruction of arepresentation comprises employing said at least one data backup andrecovery system as at least one of said at least one server and said atleast one storage device.
 100. A method for data backup and recoveryaccording to claim 69 and wherein said at least one server and said atleast one storage device are interconnected via a local area network(LAN).
 101. A method for data backup and recovery according to claim 100and wherein said at least one data communication monitor monitors datacommunications between said at least one server and said at least onestorage device over said LAN.
 102. A method for data backup and recoveryaccording to claim 69 and wherein said at least one server and said atleast one storage device are interconnected via a storage area network(SAN).
 103. A method for data backup and recovery according to claim 102and wherein said at least one data communication monitor monitors datacommunications between said at least one server and said at least onestorage device over said SAN.
 104. A method for data backup and recoveryaccording to claim 102 and wherein said SAN comprises said at least onedata communication monitor.
 105. A method for data backup and recoveryaccording to claim 69 and wherein said at least one storage device is anetwork attached storage (NAS) device.
 106. A method for data backup andrecovery according to claim 69 and wherein said at least one servercomprises said at least one data communication monitor.
 107. A methodfor data backup and recovery according to claim 69 and wherein said atleast one storage device comprises said at least one data communicationmonitor.
 108. A method for data backup and recovery for use with atleast one server interconnected with at least one storage device, saidmethod comprising: providing at least one data recovery device;providing at least one data recovery storage device comprising apermanent storage component associated with and controlled by said atleast one data recovery device; providing at least one datacommunication monitor operative to perform: monitoring the datacommunication between said at least one server and said at least onestorage device; creating at least control information bearing an orderstamp including an order mark and a time mark regarding said datacommunications between corresponding ones of said at least one serverand said at least one storage device; and sending said monitored datacommunications and said control information to said permanent storagecomponent of said at least one data recovery device, receiving said atleast control information by said at least one data recovery device; andstoring said data on said permanent storage component of said at leastone data recovery storage device in parallel and without requiring thatthe data be received by permanent storage component of said at least onedata recovery storage device in a given order before re-ordering thedata.
 109. A method for data backup and recovery according to claim 108and wherein at least one of said at least one data communication monitoris located other than at said at least one storage device.
 110. A methodfor data backup and recovery according to claim 109 and wherein said atleast one data communication monitor also provides at least part of saiddata communications to said at least one data recovery device.
 111. Amethod for data backup and recovery according to claim 109 and whereinindividual ones of said at least one data communication monitor areassociated with individual ones of said at least one server.
 112. Amethod for data backup and recovery according to claim 108 and whereinsaid at least one data communication monitor also provides at least partof said data communications to said at least one data recovery device.113. A method for data backup and recovery according to claim 108 andwherein said at least one data recovery device is operative to receivesaid at least control information and to store data on said at least onedata recovery storage device in parallel.
 114. A method for data backupand recovery according to claim 108 and wherein said data communicationscomprise data updates.
 115. A method for data backup and recoveryaccording to claim 108 and wherein said reconstruction of arepresentation of said data communications at a given earlier timeguarantees that if the order stamp of a first update is smaller than theorder stamp of a second update, the second update is not stored on saidat least one data recovery storage device unless the first update isstored on said at least one data recovery storage device.
 116. A methodfor data backup and recovery according to claim 108 and wherein said atleast one data communication monitor is associated with network elementsof a storage area network.
 117. A method for data backup and recoveryaccording to claim 108 and wherein at least one of said controlinformation and said data communications is communicated from said atleast one data communication monitor to said at least one data recoverydevice via a network.
 118. A method for data backup and recoveryaccording to claim 117 and wherein said network is a private network.119. A method for data backup and recovery according to claim 117 andwherein said network is a public network.
 120. A method for data backupand recovery according to claim 108 and wherein at least one of saidcontrol information and said data communications is communicated fromsaid at least one data communication monitor to said at least one datarecovery device via a storage area network.
 121. A method for databackup and recovery according to claim 108 and wherein said at least onedata communication monitor provides at least part of said datacommunications to said at least one data recovery storage device otherthan via said at least one data recovery device.
 122. A method for databackup and recovery according to claim 108 and also comprising storingat least control information on at least one LOG storage device, said atleast control information bearing a time mark regarding datacommunications between corresponding ones of said at least one serverand said at least one storage device via a storage area network.
 123. Amethod for data backup and recovery according to claim 122 and whereinsaid at least one data communication monitor also stores at least partof said data communications to said at least one LOG storage device.124. A method for data backup and recovery according to claim 123 andwherein said data communications stored to said at least one LOG storagedevice comprise data updates sent by said at least one server to said atleast one storage device.
 125. A method for data backup and recoveryaccording to claim 124 having said at least one LOG storage device suchthat if either said control information or said data communications orboth are prematurely erased from said at least one data recovery devicedue to a failure or other event, said at least one data recovery devicerestores either said control information or said data communications orboth from said at least one LOG storage device.
 126. A method for databackup and recovery according to claim 125 wherein said at least onedata recovery device resumes its activities with said controlinformation or said data communications or both restored from said atleast one LOG storage device.
 127. A method for data backup and recoveryaccording to claim 125 and wherein said at least part of said datacommunications is communicated from said at least one data communicationmonitor to said at least one LOG storage device via a network.
 128. Amethod for data backup and recovery according to claim 127 and whereinsaid network is a private network.
 129. A method for data backup andrecovery according to claim 127 and wherein said network is a publicnetwork.
 130. A method for data backup and recovery according to claim125 and wherein at least part of said data communications iscommunicated from said at least one data communication monitor to saidat least one LOG storage device via said storage area network.
 131. Amethod for data backup and recovery according to claim 124 wherein saidat least one data recovery device retrieves said at least part of saiddata communications from at least one LOG storage device for the purposeof storing said data to at least one data recovery storage deviceassociated therewith in a time ordered manner.
 132. A method for databackup and recovery according to claim 124 wherein said at least onedata recovery device retrieves both said control information and said atleast part of said data communications from at least one LOG storagedevice for the purpose of storing said data to at least one datarecovery storage device associated therewith in a time ordered manner.133. A method for data backup and recovery according to claim 132 andwherein both said control information and said at least part of saiddata communications are communicated from said at least one datacommunication monitor to said at least one LOG storage device via anetwork.
 134. A method for data backup and recovery according to claim133 and wherein said network is a private network.
 135. A method fordata backup and recovery according to claim 133 and wherein said networkis a public network.
 136. A method for data backup and recoveryaccording to claim 132 and wherein both said control information andsaid at least part of said data communications are communicated fromsaid at least one data communication monitor to said at least one LOGstorage device via said storage area network.